Scammers prefer tricking you with malicious URLs instead of boring email attachments
While some are easy to spot, scammers are getting more clever with their malicious content.
We have all received them. You know, those emails with links that look like they are real, but they couldn’t be farther from that. But, we all know that one person who clicked on it and then they were phished.
It turns out, there has been an increase in those emails this past year. People checking their inboxes are more likely to receive an email with a dubious link than any form of phishing methods. This comes from an extensive report by Proofpoint, a cybersecurity research firm. Chris Dawson, an Intelligence Researcher for the firm, commented on cybercriminals’ habitual use of email.
Email-based threats are among the oldest, most pervasive, and widespread cybersecurity threats hitting organizations worldwide. From massive malware campaigns targeting millions of recipients with banking Trojans to carefully crafted email fraud, the email threat landscape is extremely diverse, creating a wide range of opportunities for threat actors to attack organizations.
The report found that 88% of unscrupulous emails contained dangerous URLs and almost half of them were banking or financial-related. Another trend in the phishing emails was extortion AND sextortion court summons. Both kinds of emails would demand a large sum of money or else they would be sent to jail.
There was also a spike in the usage of the infamous malware Emotet. *cue dramatic music*
Proofpoint found that nearly 90% of phishing attempts were through email
For those unfamiliar with what Emotet is (to be honest, it sounds like an angsty Egyptian pharaoh) it is a type of malware that steals financial information. It was previously popular amongst cybercriminals across the world, but starting in 2019, it became common in the United States.
In a rather interesting way to lure people in to click on the links, the word “Snowden” would often appear. It would be followed by a quick blurb about a case against Edward Snowden or a related-news story about the NSA whistleblower.
How do you protect yourself from such threats? Along with just not clicking on it, Proofpoint recommends to find and utilize a strong email security platform. For large companies, they suggest partnering up with a cybersecurity firm.
What do you think? Ever been tricked by an email scam? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
- Tech Hangover: It’s time to quit your Juul
- Restarting your computer after a ransomware attack could result in more problems
- Fitbit reassures everyone that Google won’t sell their data – Users say otherwise